Community discussions

 
whatlanisthis
just joined
Topic Author
Posts: 12
Joined: Sun Jul 09, 2017 4:46 am

Basic setup for router with multiple AP's

Sun Jul 09, 2017 5:09 am

Having just jumped into the world of MikroTik gear, I'm having trouble getting started. Quick gear summary:
- RB2011iLS router
- OmniTik 5 ac 5 GHz access point
- MikroTik wAP ac access point

The end goal is to have a "home" wired network with an associated wireless network running on both access points. I would also like the two access points to have an isolated wireless guest network. The OmniTik AP also feeds other wired devices off ports 2-5 (port 1 connects to the RB2011) which are part of the "home" network.

The router is the core connected to both my modem and the two access points via CAT5e. Using Quickset I can get the router working no issues. The wired devices plugged into it work fine. Where I'm having trouble is getting the AP's connected and online. I assume a CAPSMan setup would be over the top for this.

I could list the plethora of things I've tried, but the closest I've managed is running the home network Quickset on the OmniTik AP. When this completes devices can connect and there is both a "home" wireless network and a guest network. It seems to be isolated from the RB2011 though and has no Internet access. I have not even tried configuring the wAP ac AP yet as I figured I would deal with one at a time.

What should I do to get things running? I'm assuming the AP thinks it should be the "core router" and be connected to a modem on port 1. Just not sure how to proceed. Apologies if this is documented elsewhere, but I couldn't find it. Happy for Winbox instructions, but maybe not command line scripts for my first go! Thanks...
 
User avatar
pukkita
Trainer
Trainer
Posts: 2982
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Basic setup for router with multiple AP's

Sun Jul 09, 2017 1:55 pm

A CAPsMAN setup will be great on this scenario, but you'd better get a grasp on your network first; it may be interesting for a future.

Now, the simplest and optimal approach for you is programming the Omnitik and the wAP ac as "wired/wireless switches".

When I say switches, I meaning in the same way you add a switch to your network: just plug it and it will transparently allow L2, extending your network; from that point onwards, anything you plug to its ports will be transparently connected to the network. The only difference here is this will happen with wireless clients too.

Example for a single SSID Omnitik follows:
/interface ethernet
set [ find default-name=ether1 ] name=1_To_2011
set [ find default-name=ether2 ] master-port=1_To_2011
set [ find default-name=ether3 ] master-port=1_To_2011
set [ find default-name=ether4 ] master-port=1_To_2011
set [ find default-name=ether5 ] master-port=1_To_2011

/interface bridge
add name=bridge1
/interface bridge port
add bridge=bridge1 interface=1_To_2011
add bridge=bridge1 interface=wlan1

/interface wireless
set [ find default-name=wlan1 ]
    disabled=no mode=ap-bridge ssid=YOURPRIVATESSID \
    wireless-protocol=802.11 wmm-support=enabled wps-mode=disabled 
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key=Y0urP4ssw0rd \
    supplicant-identity=MikroTik
    
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=bridge1

/system identity
set name=OmnitikAP
To apply it:

1.- Connect to Omnitik using mac-winbox (double click to mac address of the Omnitik on Winbox Neighbors tab):
2.- System > Reset Configuration, tick all three Keep User Configuration, No Default Configuration and Do Not Backup options
3.- After reboot, Connect again using mac-winbox, open a New Terminal and copy and paste former code

This programs the Omnitik to be essentially a wired/wireless "switch", which gets it's management IP from dhcp.

Now, connect it to the 2011. The 2011 will have a LAN bridge; you need to add the ether port coming from the Omnitik ether1 to that LAN bridge, say to ether2 on the 2011.

To do so you can either

- Make sure ether2 is not enslaved to any other ether, and add ether2 directly to the LAN bridge
- Make it slave of an interface already in the LAN bridge

Once you achieve that, any wireless station or wired device connecting to the Omnitik will get IP, etc from the 2011. It will be the same as having them physically connected to the 2011.

The wAP AC config will be essentially the same, but adding both wlan interfaces to bridge1 (which can have same SSID and password so that stations roam to the optimal one).

Try to get this working, will add/explain the isolated Guest SSID afterwards.

Post an export of the 2011.
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
whatlanisthis
just joined
Topic Author
Posts: 12
Joined: Sun Jul 09, 2017 4:46 am

Re: Basic setup for router with multiple AP's

Mon Jul 10, 2017 7:09 pm

So far so good... I have followed the script you included below and configured the Omnitik as a switch. The 2011 appeared to already have ether2 added to the LAN bridge - see configuration file attached. I have not yet configured the wAP AC as I ran out of time last night, but will do it tonight. All devices connected to the Omnitik (both wired and wireless) seem to be able to access the Internet in addition to the devices connected to the 2011 which is great.

Assuming I can get the wAP AC working tonight following a similar set of steps to the Omnitik - how do I get an isolated guest Wi-Fi network up and running? Thanks again...
You do not have the required permissions to view the files attached to this post.
 
User avatar
pukkita
Trainer
Trainer
Posts: 2982
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Basic setup for router with multiple AP's

Mon Jul 10, 2017 9:20 pm

The 2011 .rsc bridge looks fine.

Now to add an isolated wireless network, on the Omnitik (and each wAP AC wlan interface):
/interface wireless
add master-interface=wlan1 name=GuestNet security-profile=guestNet ssid=Guests wmm-support=enabled \
wps-mode=disabled  vlan-mode=use-tag vlan-id=100

/interface wireless security-profiles
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=guestNet supplicant-identity=MikroTik wpa2-pre-shared-key=YourGuestP4ssw0rd
In this example Guest network does have security; if you want the Guest SSID to be open, just set the guestNet profile mode from dynamic-keys to none.

This will create a virtualAP, and will put all traffic coming from stations connected to it on VLAN 100.

Last step: adding this virtualAP to the LAN bridge so that the virtualAP traffic (inside its VLAN) reaches the 2011:
add bridge=bridge1 interface=GuestNet
Now on the 2011, we need to:

- "Extract" this VLAN 100 tagged traffic
- Complete L3 setup for Guest network: as it's isolated, it will need its own IP addressing, DHCP, etc.
/interface vlan
add name=GuestNet comment="Guest Network" vlan-id=100 interface=bridge

/ip addresses
add address=192.168.99.1/24 comment=Guests interface=GuestNet network=192.168.99.0

/ip pool
add name=guest_pool ranges=192.168.99.20-192.168.99.254

/ip dhcp-server
add address-pool=guest_pool authoritative=yes disabled=no interface=GuestNet name=GuestDHCP

/ip dhcp-server network
add address=192.168.99.0/24 comment=Guests gateway=192.168.99.1 dns-server=192.168.99.1 netmask=24
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
whatlanisthis
just joined
Topic Author
Posts: 12
Joined: Sun Jul 09, 2017 4:46 am

Re: Basic setup for router with multiple AP's

Tue Jul 11, 2017 7:08 am

So close, but something is not quite right. I followed your steps and just had to do one extra step: Enable the guest interface.

Now things are up and running, my home network has Internet as does my home Wi-Fi. I can connect to the guest Wi-Fi, but it does not have Internet access. Depending on the device I use to connect, an error is also shown on the device. e.g.) My phone states that the guest Wi-Fi has an "IP Configuration Failure".

I have attached the config files for both the router and the OmniTIK AP (have yet to do the second AP). Thanks again
You do not have the required permissions to view the files attached to this post.
 
User avatar
pukkita
Trainer
Trainer
Posts: 2982
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Basic setup for router with multiple AP's

Tue Jul 11, 2017 10:36 am

I missed a critical detail on DHCP server setting:
/ip dhcp-server network
add address=192.168.99.0/24 comment=Guests gateway=192.168.99.1 dns-server=192.168.99.1 netmask=24
Now DHCP should start working on the Guest network. (Already fixed this on my previous post 2011 export)

I'd modify two parameters so that you enable DNS serving to both networks from Mikrotik DNS cache:

1.- IP > DNS:
- set DNS Servers there (8.8.8.8, 8.8.4.4).
- Set Cache Max-TTL to 3d
- Raise Cache size to a couple MB (should be enough in your scenario)

2.- Set DNS server in home network (192.168.88.0): IP > DHCP Server | Network tab, and set DNS server to 192.168.88.1 so that your home devices use the 2011 DNS
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
whatlanisthis
just joined
Topic Author
Posts: 12
Joined: Sun Jul 09, 2017 4:46 am

Re: Basic setup for router with multiple AP's

Wed Jul 12, 2017 7:18 am

I've added those configurations, but unfortunately the same problem exists. I have rebooted both devices just in case, but no difference (DHCP issues on the Guest network). I've attached the updated configuration file for the RB2011 - obviously the OmniTIK is unchanged. Is there a debug/log file I can provide? Thanks
You do not have the required permissions to view the files attached to this post.
 
User avatar
pukkita
Trainer
Trainer
Posts: 2982
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Basic setup for router with multiple AP's

Wed Jul 12, 2017 12:00 pm

Sorry, missed adding virtualAP interface to the bridge, on the Omnitik (Fixed on previous post):
add bridge=bridge1 interface=GuestNet

While reviewing the 2011 config I spotted another detail: 192.168.88.1 IP address should be assigned to bridge, not ether2-master.

Regarding guest network:

I would upgrade both the 2011, and specially the Omnitik to latest bugfix, 6.38.7.

Have a look at System > Routerboard, is "Upgrade Firmware" the same version as "Current Firmware? if not, upgrade it and reboot.

Make sure the Firmware on both is the latest.
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
whatlanisthis
just joined
Topic Author
Posts: 12
Joined: Sun Jul 09, 2017 4:46 am

Re: Basic setup for router with multiple AP's

Thu Jul 13, 2017 6:42 am

That did it. I have now also configured the Mikrotik AP without issue following your steps above. Everything appears to be working, but I am curious about the Interfaces on the two AP's bridges. (Bridge menu, Ports tab).

On the Mikrotik AP Interface
- 1_To-2011 has a role of root port
- GuestNet has disabled port
- GuestNet2 has designated port
- wlan1 disabled port
- wlan2 disabled port

On the OmniTik AP Interface
- 1_To_2011 has a role of root port
- GuestNet disabled port
- wlan1 designated port

It's far from consistent yet things work... Can you explain?

As mentioned, everything is working. I have attached the configuration files for the router and two access points in case it can be of use to others.

Thanks again for all your help.
You do not have the required permissions to view the files attached to this post.
 
User avatar
pukkita
Trainer
Trainer
Posts: 2982
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Basic setup for router with multiple AP's

Thu Jul 13, 2017 11:18 am

Those are the R(STP) port roles (See wiki on bridge)
(R)STP algorithm assigned role of the port:

Disabled port - not strictly part of STP, a network administrator can manually disable a port
Root port – a forwarding port that is the best port from Nonroot-bridge to Rootbridge
Alternative port – an alternate path to the root bridge. This path is different than using the root port
Designated port – a forwarding port for every LAN segment
Backup port – a backup/redundant path to a segment where another bridge port already connects.
Do not worry about the disabled ones, they will be enabled automatically once a station connects to it (wlan interfaces).

I'd upgrade all of them to latest bugfix, specially the Omnitik/wAP AC.

To do so:
1.- Go to System > Packages, [Check For Updates] button
2.- Set Channel to bugfix, then click [Check For Updates] button

Check Firmware is up to date after reboot.
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
whatlanisthis
just joined
Topic Author
Posts: 12
Joined: Sun Jul 09, 2017 4:46 am

Re: Basic setup for router with multiple AP's

Fri Jul 14, 2017 3:41 am

Great.. I've updated all three devices to 6.38.7 (bugfix). Things look good. Thanks again.
 
whatlanisthis
just joined
Topic Author
Posts: 12
Joined: Sun Jul 09, 2017 4:46 am

Re: Basic setup for router with multiple AP's

Tue Aug 29, 2017 6:56 am

Time for a bit of a flashback. I've just noticed that the OmniTIK is only running a single wlan on the 5 GHz band whereas the Mikrotik AP has both a 5 GHz wlan and a distinct wlan running 2 GHz. Most of my devices work fine on 5, but when the Mikrotik 2 GHz stopped working (not sure why, but a reboot fixed things), I noticed the lack of redundancy when some devices lost connectivity.

Could you walk me through the commands to add a second wlan2 on the OmniTIK with a guest network leveraging 2 GHz? I reviewed the postings earlier in the thread and the components around wlan2 don't seem to be there. I tried looking at my exports from the Mikrotik AP and adding a wlan2, but couldn't quite get it working. No configurations have changed from the exports included in the post above. Thanks again.
 
User avatar
pukkita
Trainer
Trainer
Posts: 2982
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Basic setup for router with multiple AP's  [SOLVED]

Tue Aug 29, 2017 12:33 pm

Omnitik has single radio (5GHz) it doesn't have 2.4GHz.
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
whatlanisthis
just joined
Topic Author
Posts: 12
Joined: Sun Jul 09, 2017 4:46 am

Re: Basic setup for router with multiple AP's

Wed Aug 30, 2017 5:13 am

Ah yes... I misread the product description while checking on the problem. Thanks again.
 
User avatar
minimalistix
just joined
Posts: 5
Joined: Thu May 25, 2017 12:37 am

Re: Basic setup for router with multiple AP's

Thu Jun 28, 2018 9:47 pm

This solution requires changes because after version 6.41 the master-port attribute for the bridge was replace by hardware offloading flag on the bridge.

WIlson,
- wil
 
User avatar
pukkita
Trainer
Trainer
Posts: 2982
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Basic setup for router with multiple AP's

Thu Jul 05, 2018 8:34 pm

The only modification required would be adding the interfaces directly to the bridge, instead of setting the master-port.

ROS will enable HW offloading if suitable.
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
anushka
just joined
Posts: 1
Joined: Fri Jul 06, 2018 10:35 am

Re: Basic setup for router with multiple AP's

Fri Jul 06, 2018 10:45 am

Nice :)
 
doart
just joined
Posts: 2
Joined: Fri Jul 06, 2018 12:04 pm

Re: Basic setup for router with multiple AP's

Sat Jul 07, 2018 3:57 pm

I have just had my router replaced with a Mikrotik hAP ac lite Tower and I bought a second identical one.
Mikrotik#1 is the main router connected to the internet
Mikrotik#2 is to be the wired "home" wired network with an associated wireless network.

My aim is to have a "home" wired network with an associated wireless network running on both access points.
Currently I have wired ether3 via cable to a modified d-Link ADSL router which I have setup as a Wired AP made no changes in the ISP config of Mikrotik#1 the system is working but being outdated and temperamental I want to replace the d-Link with the Microtik#2

This very similar to first post by whatlanisthis but without the isolated wireless guest network.
Being unfamiliar with the Mikrotik's am having a hard time getting to grips with it have been at it almost a week with no real success.

Can the Example for a single SSID Omnitik work on my Mikrotik system. I would like to connect the two with a cable on ether3 if possible.

I started with the default reset configuration on the Mikrotik#2 how would I proceed from here am getting desperate to get this working can you please help get me out of my misery..
 
User avatar
pukkita
Trainer
Trainer
Posts: 2982
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Basic setup for router with multiple AP's

Sun Jul 08, 2018 11:34 am

On Mikrotik #2:

1.- Upgrade to latest bugfix
2.- Reset to no defaults
3.- Create a bridge. Add all interfaces (wired and wireless) to the bridge.
4.- Configure wireless interfaces: same SSID, security (WPA2) and passphrase as on Mikrotik #1.

Done. As long as you plug one ether from Mikrotik #2 to the lan ports that belong to the lan bridge of Mikrotik #1. everything will be managed (DHCP, etc) by Mikrotik #1 (ether3?).

Mikrotik #2 becomes a "wired/wireless switch".

You can manage Mikrotik #2 via the Neighbors tab in winbox (Mac-winbox).

If you want Mikrotik #2 to have an IP to be reachable in L3: add a DHCP Client on the bridge, default settings are fine.

That's all required.
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
doart
just joined
Posts: 2
Joined: Fri Jul 06, 2018 12:04 pm

Re: Basic setup for router with multiple AP's

Fri Jul 13, 2018 4:59 pm

Apologies for the late report back somehow missed your feedback.
Thank you Soooo much for the info have set it up and has been running good so far for half a day I am hooping this has now been resolve thanks to you. Art
 
drowfiend
just joined
Posts: 1
Joined: Fri Jul 27, 2018 4:10 am

Re: Basic setup for router with multiple AP's

Fri Jul 27, 2018 4:19 am

Pukkita

I have a RB3011 as my primary router at home (ISP modem bridged) and have a smart home with all wired connections terminating at a CISCO 200 switch. I have installed 5 wAP around the house and am having difficulty getting them to work.

The wAP's will need to connect to the CISCO 200 because of the POE provided on that switch and several of the ports on the 3011 being occupied. Also, the SSID has to be the same across all of the wAP's

Would it be possible for you to point me in the right direction?

Many thanks in advance and very best regards
 
User avatar
pukkita
Trainer
Trainer
Posts: 2982
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Basic setup for router with multiple AP's

Fri Jul 27, 2018 2:24 pm

No difference, the approach is the same.

Just config all the APs as wired/wireless switch as described. Configure the same SSID and security settings on all of them.

As long as the Cisco cable going to the Mikrotik connects to an ethernet port belonging to the same bridge as the DHCP server for your LAN runs, you'll be fine.

CAPsMAN could be interesting for a future phase, the cool thing being you'll be managing all the APs as if they were radio interfaces of the RB3011.
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
satish1583
just joined
Posts: 1
Joined: Fri Jul 27, 2018 2:47 pm

Re: Basic setup for router with multiple AP's

Fri Jul 27, 2018 2:54 pm

kindly provide detail full configuration for CCR-1009-8G-15-15+ with help of winbox
 
User avatar
pukkita
Trainer
Trainer
Posts: 2982
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Basic setup for router with multiple AP's

Fri Jul 27, 2018 3:39 pm

Nothing special, on router just make sure the ether port where the AP is connected is in the bridge where DHCP runs on.
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum

Who is online

Users browsing this forum: No registered users and 22 guests